package com.newland.zxy.controller;

import com.newland.zxy.config.MySecurityUtils;
import com.newland.zxy.service.LoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author : zhangxuyuan
 * @Project: springsecurity
 * @Package com.newland.zxy.controller
 * @date Date : 2021年02月08日 10:32
 */
@RestController
public class IndexController {

    @Autowired
    private LoginService loginService;
    //如果需要精确到某个权限校验可以添加这样的注解
//    @PreAuthorize("hasAuthority('user')")
    @GetMapping("/test/index")
    public String testIndex()
    {
        return "test-Index";
    }

    @GetMapping("/login")
    public String login(@RequestParam String username, @RequestParam String password,
                        HttpServletResponse response) throws IOException {
        try {
            return loginService.login(username,password);
        } catch (Exception e) {
            MySecurityUtils.responseForbiden(response);
            return null;
        }
    }

    @GetMapping("/")
    public String index()
    {
        return "首页";
    }
}
